Summary
This host is installed with Wireshark and is prone to multiple denial of service vulnerabilities.
Impact
Successful exploitation will allow remote attackers to cause a denial of service.
Impact Level: Application
Solution
Upgrade to the Wireshark version 1.4.13, 1.6.8 or later, For updates refer to http://www.wireshark.org/download
Insight
- Errors in the ANSI MAP, ASF, BACapp, Bluetooth HCI, IEEE 802.11, IEEE 802.3, LTP, and R3 dissectors can be exploited to cause infinite loops via specially crafted packets.
- An error in the DIAMETER dissector does not properly allocate memory and can be exploited to cause a crash via a specially crafted packet.
Affected
Wireshark versions 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on Windows
References
Severity
Classification
-
CVE CVE-2012-2392, CVE-2012-2393, CVE-2012-3825, CVE-2012-3826 -
CVSS Base Score: 3.3
AV:A/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Firefox Browser designMode Null Pointer Dereference DoS Vulnerability - Win
- Wireshark IKE Packet Denial of Service Vulnerability (Win)
- Oracle VM VirtualBox Local Denial of Service Vulnerability-01 Oct2013 (Mac OS X)
- Oracle VM VirtualBox Local Denial of Service Vulnerability-01 Oct2013 (Windows)
- Cisco VPN Client for Windows 'StartServiceCtrlDispatche' Local Denial of Service Vulnerability